<?php
/* 
 * SAML 2.0 Meta data for simpleSAMLphp
 *
 * The SAML 2.0 IdP Remote config is used by the SAML 2.0 SP to identify trusted SAML 2.0 IdPs.
 *
 */

require_once dirname(__FILE__).'/../../../config.php';
$auth = get_auth_plugin('gsaml');

$metadata = array( 

  /*
   * This example shows an example config that works with Google Apps for education.
   * What is important is that you have an attribute in your IdP that maps to the local part of the email address
   * at Google Apps. E.g. if your google account is foo.com, and you have a user with email john@foo.com, then you
   * must set the simplesaml.nameidattribute to be the name of an attribute that for this user has the value of 'john'.
   */
  'google.com' => array(
    'AssertionConsumerService'   => 'https://www.google.com/a/'.$auth->config->domainname.'/acs', 
    'spNameQualifier'            => 'google.com', 
    'NameIDFormat'               => 'urn:oasis:names:tc:SAML:2.0:nameid-format:email',
    'simplesaml.nameidattribute' => 'useridemail', // cstones a user in that domain ?@mroomsdev .com
    'simplesaml.attributes'      => false
  )
);

